Partnership Outcomes
About Fosroc
Fosroc is a British manufacturer of specialized construction chemicals that cater to a range of sectors including commercial, industrial, residential, marine and infrastructure.
Company Size 3000
Location 25 locations across Europe, Middle East and Asia Pacific
Industry Construction
“Gaining visibility has been one of the greatest benefits of partnering with SecurityHQ. An enhanced understanding of what is happening around our landscape has been vital. SecurityHQ has helped us identify key knowledge gaps and upskill our people into areas that we didn’t otherwise realize were necessary.”
Top Challenge: Limited Resources
One of the most impressive elements regarding the Fosroc team is how much they do in terms of how small their IT team is. Fosroc has 22-24 dedicated IT Professionals across the company and manages 21 locations across the globe across multiple different technologies.
The IT team provides Follow-the-Sun support, while delivering transformational large-scale projects. The fact that they can do all of that at the same time, whilst ensuring security across the group, is impressive.
‘What our team achieves would not be possible without the right partners in place. We do what we do because we’ve engaged with partners like SecurityHQ.’
Naser S. Sultan, Vice President, Corporate Development and Operations, took over the IT function at Fosroc in 2018 to form a resilient force that could respond to threats as they arose. When Sultan evaluated the processes, his initial action was to make sure that the team were adding value to the business rather than being a roadblock. His priority was to enhance the security footprint of the business, to form a resilient team that could respond to threats quickly and effectively as they came in, and to make their systems and infrastructure as robust as possible.
‘We quickly realized that we run a very lean team. We have a leading infrastructure, but we do not have dedicated people responsible for it. We needed help to manage what we have. We needed help to understand the things that we don’t know about. We needed an expert to guide us and help us along this journey, and SecurityHQ has been that.’
Benefit 1: Visibility Across the Entire Infrastructure
Initially, Fosroc did not have the right type of visibility into what was targeting them. They did not have a SIEM implemented, and they did not know about all the different events that were taking place.
To start, SecurityHQ:
- Provided 24/7 visibility of assets
- Ran regular Tabletop exercises
- Enabled Vulnerability Management as a Service
‘Gaining visibility has been one of the biggest benefits of partnering with SecurityHQ. An enhanced understanding of what is happening around our landscape has been vital. Engaging with SecurityHQ has helped us understand and identify key knowledge gaps and, with this knowledge, upskill our people into areas that we didn’t otherwise realize were necessary.’
Benefit 2: Effective Actions & Time Saved
Once threats were made visible, SecurityHQ understood what needed to be done and quickly worked to mitigate and/or resolve any type of threat encountered.
Focus 1: The more the company has been in the media, the greater the uptick of threats. Many Fosroc employees have been targeted with malicious WhatsApp messages, calls, and or emails pretending to be from the company or the CEO or CTO of a partner.
Focus 2: The second focus was on hardening defenses and understanding where vulnerabilities existed. Some vulnerabilities cannot be mitigated, simply because of legacy applications that must run to support critical infrastructure. Working out what to change and what to keep was the next step.
The team continued their development and, along with it, their achievements and successes with the managed Cloudflare service. They implemented ransomware controls and deployed CIS hardening benchmarks for the Database Estate and for the Internet Information Services (IIS) server fleet. They also put in place automation where needed to help save the team time.
‘With the time saved, our team spends more time devoted to other projects that would otherwise either take longer or would be pushed/outsourced. So that’s certainly been a great advantage that we’re simply able to take on more.’
The SecurityHQ team provides a weekly and monthly analysis report of all findings that shows detailed event analysis, including incident summaries, incident types, risks, trends, alert levels, attack attempts, asset details and much more.
‘I find these reports very useful. I present this information to the board, and the findings in these reports are used in the board papers, which impacts decision making.’
Benefit 3: A Personalized Approach
SecurityHQ’s and Fosroc’s values are very much aligned when it comes to building a personalized relationship.
‘We are not just another customer, and they are not just another supplier; there is a real sense of collaboration working with SecurityHQ. They have a massive database of global customers, and despite this, we feel like we are interacting with real people and getting real personalized service and expertise.’
A Collaborative Future
‘I know that if the team has any issue, SecurityHQ goes beyond just sending a dashboard, and having a security specialist on hand means we can reach out and get a very quick response. That is something you don’t get with, and we have struggled receiving from, other security companies.’
‘The partnership goes both ways. We have such a fantastic team on the Fosroc side, who are responsive and collaborative. They understand how to work together, and we have achieved so much in our time working together. They have a fantastic team that is always looking to improve their security’
Get in Touch.
Talk with one of our experts today.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.